Conditions
You can set the following rule conditions:
Type |
Match options |
Values |
Example |
Logical operator |
|
|
|
|
or |
|
|
Format: |
|
and |
|
|
Request path, initial part of the request path, or PIRE library |
|
N/A |
|
|
Format: |
|
and |
|
|
Values of the |
|
or |
|
|
HTTP request method |
|
or |
|
|
Format: |
|
and |
|
|
String in the HTTP packet body or |
|
or |
Regular expression format
You can use regular expressions in such conditions as HTTP header
, Request URI
, Query Match
, Host
, HTTP method
, Cookie
, or HTTP body
. These conditions support the match types Matches regular expression and Does not match regular expression.
Regular expression operators
-
Quantifiers. These set the allowed number of element repetitions.
-
*
: Zero or more occurrences of any characters.a*
: Zero or more occurrences of thea
character.a*b
: Any occurrence ofa
beforeb
.For example,
a*
means an empty string,a
,aa
,aaa
, etc. -
a+
: One or more occurrences ofa
.For example,
a+
:a
,aa
,aaa
, etc. -
a?
: Zero or one occurrence ofa
.For example,
https?://
meanshttp://
andhttps://
. -
{n}
: n occurrences. For example,a{3}
:aaa
. -
{n,m}
: From n through m occurrences. For example,a{3,5}
:aaa
,aaaa
, andaaaaa
. -
{n,}
: At least n occurrences. For example,a{3,}
:aaa
,aaaa
,aaaaa
, etc.
-
-
Characters and operations.
-
.
: Any single character, but for line break one.For example,
a.b
meansaab
andacb
, but notab
. -
[abc]
: One of the characters between the square brackets.For example,
[abc]
meansa
,b
, andc
. -
[^abc]
: Any character, but for those between the square brackets.For example,
[^abc]
means any character other thana
,b
, orc
. -
[a-z]
: Any character froma
throughz
.For example,
[a-z]
means any lowercase letter froma
throughz
. -
a|b
: Mutually exclusive options, eithera
orb
.For example,
example|domain
means eitherexample
ordomain
. -
\\w
: Any letter. -
\\W
: Non-letter (digit, underscore, punctuation marks, space, etc). -
\\d
: Digit.\\D
: Non-digit. -
\\s
: Space.\\S
: Non-space.
-
Note
To use a character not as a regular expression operator or special character, escape it with \
. For example, you need to escape such characters as . + * [ ] ( ) { } ^ $ ?
.
Case in regular expressions
-
Case sensitive. Enter a regular expression in required case.
For example,
exaMple
will represent theexaMple
string. -
Case insensitive. Add
(?i)
to the beginning of the expression.For example,
(?i)example
will represent strings likeexample
,EXaMple
,EXAMPLE
, etc.
Examples of regular expressions
-
^User-Agent:\s*$
: Block requests with empty or space-onlyUser-Agent
header value.In this expression,
^
is the beginning of the string,\s*
is zero or more spaces, and$
is the end of the string. -
\\[\'\"\.\;]
: Block requests containing\
before a suspicious character (backslash injections).In this expression,
\\
is backslash, and[\'\"\.\;]
is any character from between the square brackets. -
a{100,}
: Block requests containing unusually long sequences of identical characters, as this may be a sign of a DDoS attack.In this expression,
a{100,}
stands for 100 or morea
in a row. -
--.*
: Block requests containing comments in SQL queries, as this may be a sign of an SQL injection.In this expression,
--
is the beginning of an SQL comment, and.*
is zero or more of any characters.